According to American officials, Lazarus, an alleged North Korean hacker group, stole $625M worth of cryptocurrency. The Treasury Department’s Office of Foreign Assets Control released details on Thursday about Lazarus’ continuous heists over the past years.
The US officials reported on the recent theft that took place on the Ethereum blockchain. The North Korean-backed hacker group Lazarus stole about $625M from the Ronin Network, which underpins the famous blockchain game Axie Infinity.
Based on FBI investigations, a crypto wallet holding 148,000 ether proved to be owned by Lazarus, alerting the authorities to possible North Korean involvement in the Ronin attack.
The officials also released details on how this theft took place. The hackers exploited the “bridges” in blockchain technology. A bridge is a tool that enables users to make transactions from one network to another. Bridges help users make transfers in the DeFi world.
According to Elliptic, a blockchain analysis firm, the hackers have already laundered 14% of the stolen amount, and a further amount, around 9.7 million, is in the process of being laundered.
The recently affirmed U.S. government sanctions prohibit American citizens and companies from making transactions with the identified Ethereum account. This ensures the Lazarus Group is unable to trace the transfers.
According to Elliptic, North Korea might be “preparing for nuclear testing” and ballistic missile programs.
About Lazarus Group
Lazarus Group has a history of involvement in theft. The hackers are identified as a group sponsored by the North Korean state to exploit blockchain networks and steal funds whenever they see the opportunity.
Lazarus Group was involved in the Sony Pictures hack in 2014 and the WannaCry ransomware attacks in 2017.
According to various reports, Lazarus is suspected in all seven attacks carried out by North Korea on cryptocurrency transactions. The hackers stole over $400M in digital assets last year alone.
They use “mixer” services to transfer the stolen funds to their wallets; a mixer obscures otherwise identifiable transactions by mixing them with others on the blockchain. Lazarus successfully transferred $80M through Tornado Cash, a mixing protocol for private transactions.
Ronin says, “We are still in the process of adding additional security measures before redeploying the Ronin Bridge to mitigate future risk.” The network plans to complete its security verification and bring the bridge back online by the month’s end.